Here's an image of my proposed topology
The deal is that I have a 2-port, load balancing router, with a public IP on port 1 and a private IP on port 2, and running NAT between them. Port 2 is connected to a switch, and that switch has 2 windows 2003 servers connected to it, both with a private IP on the same subnet, and the default gateway is the private IP on the router's port 2.
Up to this point, everything works fine. Both servers have full outgoing access to the Internet through NAT, and when a web request comes into the router on the public IP, it will intelligently decide which of the 2 servers to send to.
Here's where the pain starts. I need to be able to get into each of these servers independent of the load balancer. Since each server has 2 nics, I would like to plug the 2nd port in each server into the secondary switch and give them each a live IP address. But as soon as I configure the public ports on the 2 servers, the private ports stop responding to requests that came through the load balancer.
So here's the rundown on traffic flow:
Web user requests a web page:
A,B,C,D,E,G -or- A,B,C,D,E,I
A request for the public IP of server 1:
A,B,E,F
A request for the public IP of server 2:
A,B,E,H
I think this setup would afford maximum flexibility and failure resistence, but something about the IP scheme just won't fly. Something to do with the default gateways maybe? Everything can ping everything else, but it just won't pass web requests through the radware into the 2 servers, or else it is passing it in, but the response can't get back out. If I completely disable the 2nd nic on each server, then web pages start working through the load balancer again. Maybe it's something to do with the secondary switch not wanting to support to subnets? I don't think that would be a limitation, but I dunno..
I'm stumped, any advice is appreciated!
The deal is that I have a 2-port, load balancing router, with a public IP on port 1 and a private IP on port 2, and running NAT between them. Port 2 is connected to a switch, and that switch has 2 windows 2003 servers connected to it, both with a private IP on the same subnet, and the default gateway is the private IP on the router's port 2.
Up to this point, everything works fine. Both servers have full outgoing access to the Internet through NAT, and when a web request comes into the router on the public IP, it will intelligently decide which of the 2 servers to send to.
Here's where the pain starts. I need to be able to get into each of these servers independent of the load balancer. Since each server has 2 nics, I would like to plug the 2nd port in each server into the secondary switch and give them each a live IP address. But as soon as I configure the public ports on the 2 servers, the private ports stop responding to requests that came through the load balancer.
So here's the rundown on traffic flow:
Web user requests a web page:
A,B,C,D,E,G -or- A,B,C,D,E,I
A request for the public IP of server 1:
A,B,E,F
A request for the public IP of server 2:
A,B,E,H
I think this setup would afford maximum flexibility and failure resistence, but something about the IP scheme just won't fly. Something to do with the default gateways maybe? Everything can ping everything else, but it just won't pass web requests through the radware into the 2 servers, or else it is passing it in, but the response can't get back out. If I completely disable the 2nd nic on each server, then web pages start working through the load balancer again. Maybe it's something to do with the secondary switch not wanting to support to subnets? I don't think that would be a limitation, but I dunno..
I'm stumped, any advice is appreciated!